Privacy Shield Framework Gains Popularity in EU, US: Report

More organizations plan to secure personal data in transit from the European Union to the United States in 2018, as reported in the upcoming Privacy Governance Survey from EY and the International Association of Privacy Professionals (IAPP).

The survey annually monitors privacy practices among global organizations and this year covered 548 organizations. Nearly half (47%) of businesses transferring personal data from the EU to US will use Privacy Shield in 2018, an increase from 34% last year.

Small-to-medium-sized businesses are especially interested in Privacy Shield; 67% of those with less than 5,000 employees will use it as a data transfer mechanism in 2018. Excluding healthcare and financial services firms, which are not regulated by the FTC, which oversees Privacy Shield, 49% of US companies and 53% of EU companies will participate.

Privacy Shield is not the most common method of transferring data from the EU to the US. Standard contractual clauses will be used among 88% of respondents, researchers found. These findings come at a time of uncertainty for many businesses, which are increasingly interested in the derogations for data transfer outlined in GDPR, set to go into action in May 2018.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.

An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2. The affected versions lack proper FIT signature enforcement, which allows an attacker to bypass U-Boot's verified boot and execute an unsigned kernel, embedded in a legacy i...